CCI-001063
CCI-001063 Definition
Update the system vulnerabilities scanned on an organization-defined frequency, prior to a new scan, and/or when new vulnerabilities are identified and reported.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed will update the list of information system vulnerabilities scanned for prior to running scans. The organization must maintain a record of scans including the list of vulnerabilities scanned for. DoD has defined the frequency as prior to running scans.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the record of scans to ensure the latest most up to date scanning policies are present.
Compelling Evidence
1.) Documentation that scanning tool being used is up to date.